let5see/clawdbot
1
0
Fork 0
Code Issues Pull Requests Actions 4 Packages Projects Releases Wiki Activity
Files
a6c309824ed4c013abbde45a15b1428cb9e29940
clawdbot/CHANGELOG.md
Peter Steinberger 014667e00b fix: tighten group elevated targeting
2026-01-08 22:57:18 +01:00

10 KiB
Raw Blame History

Changelog

Unreleased

  • Security: per-agent mention patterns and group elevated directives now require explicit mention to avoid cross-agent toggles.
  • Config: support inline env vars in config (env.* / env.vars) and document env precedence.
  • Agent: enable adaptive context pruning by default for tool-result trimming.
  • Doctor: check config/state permissions and offer to tighten them. — thanks @steipete
  • Doctor/Daemon: audit supervisor configs, add --repair/--force flows, surface service config audits in daemon status, and document user vs system services. — thanks @steipete
  • Daemon: align generated systemd unit with docs for network-online + restart delay. (#479) — thanks @azade-c
  • Doctor: run legacy state migrations in non-interactive mode without prompts.
  • Cron: parse Telegram topic targets for isolated delivery. (#478) — thanks @nachoiacovino
  • Outbound: default Telegram account selection for config-only tokens; remove heartbeat-specific accountId handling. (follow-up #516) — thanks @YuriNachos
  • Cron: allow Telegram delivery targets with topic/thread IDs (e.g. -100…:topic:123). (#474) — thanks @mitschabaude-bot
  • Heartbeat: resolve Telegram account IDs from config-only tokens; cron tool accepts canonical jobId and legacy id for job actions. (#516) — thanks @YuriNachos
  • Discord: stop provider when gateway reconnects are exhausted and surface errors. (#514) — thanks @joshp123
  • Agents: strip empty assistant text blocks from session history to avoid Claude API 400s. (#210)
  • Auto-reply: preserve block reply ordering with timeout fallback for streaming. (#503) — thanks @joshp123
  • Auto-reply: block reply ordering fix (duplicate PR superseded by #503). (#483) — thanks @AbhisekBasu1
  • Auto-reply: avoid splitting outbound chunks inside parentheses. (#499) — thanks @philipp-spiess
  • Status: show provider prefix in /status model display. (#506) — thanks @mcinteerj
  • macOS: package ClawdbotKit resources and Swift 6.2 compatibility dylib to avoid launch/tool crashes. (#473) — thanks @gupsammy
  • WhatsApp: group /model list output by provider for scannability. (#456) - thanks @mcinteerj
  • Hooks: allow per-hook model overrides for webhook/Gmail runs (e.g. GPT 5 Mini).
  • Control UI: logs tab opens at the newest entries (bottom).
  • Control UI: add Docs link, remove chat composer divider, and add New session button.
  • Telegram: retry long-polling conflicts with backoff to avoid fatal exits.
  • Telegram: fix grammY fetch type mismatch when injecting fetch. (#512) — thanks @YuriNachos
  • WhatsApp: resolve @lid JIDs via Baileys mapping to unblock inbound messages. (#415)
  • Agent system prompt: avoid automatic self-updates unless explicitly requested.
  • Onboarding: tighten QuickStart hint copy for configuring later.
  • Onboarding: avoid “token expired” for Codex CLI when expiry is heuristic.
  • Onboarding: QuickStart jumps straight into provider selection with Telegram preselected when unset.
  • Onboarding: QuickStart auto-installs the Gateway daemon with Node (no runtime picker).
  • Daemon runtime: remove Bun from selection options.
  • CLI: restore hidden gateway-daemon alias for legacy launchd configs.
  • Control UI: show skill install progress + per-skill results, hide install once binaries present. (#445) — thanks @pkrmf

2026.1.8

Highlights

  • Security: DMs locked down by default across providers; pairing-first + allowlist guidance.
  • Sandbox: per-agent scope defaults + workspace access controls; tool/session isolation tuned.
  • Agent loop: compaction, pruning, streaming, and error handling hardened.
  • Providers: Telegram/WhatsApp/Discord/Slack reliability, threading, reactions, media, and retries improved.
  • Control UI: logs tab, streaming stability, focus mode, and large-output rendering fixes.
  • CLI/Gateway/Doctor: daemon/logs/status, auth migration, and diagnostics significantly expanded.

Breaking

  • SECURITY (update ASAP): inbound DMs are now locked down by default on Telegram/WhatsApp/Signal/iMessage/Discord/Slack.
    • Previously, if you didnt configure an allowlist, your bot could be open to anyone (especially discoverable Telegram bots).
    • New default: DM pairing (dmPolicy="pairing" / discord.dm.policy="pairing" / slack.dm.policy="pairing").
    • To keep old “open to everyone” behavior: set dmPolicy="open" and include "*" in the relevant allowFrom (Discord/Slack: discord.dm.allowFrom / slack.dm.allowFrom).
    • Approve requests via clawdbot pairing list --provider <provider> + clawdbot pairing approve --provider <provider> <code>.
  • Sandbox: default agent.sandbox.scope to "agent" (one container/workspace per agent). Use "session" for per-session isolation; "shared" disables cross-session isolation.
  • Timestamps in agent envelopes are now UTC (compact YYYY-MM-DDTHH:mmZ); removed messages.timestampPrefix. Add agent.userTimezone to tell the model the users local time (system prompt only).
  • Model config schema changes (auth profiles + model lists); doctor auto-migrates and the gateway rewrites legacy configs on startup.
  • Commands: gate all slash commands to authorized senders; add /compact to manually compact session context.
  • Groups: whatsapp.groups, telegram.groups, and imessage.groups now act as allowlists when set. Add "*" to keep allow-all behavior.
  • Auto-reply: removed autoReply from Discord/Slack/Telegram channel configs; use requireMention instead (Telegram topics now support requireMention overrides).
  • CLI: remove update, gateway-daemon, gateway {install|uninstall|start|stop|restart|daemon status|wake|send|agent}, and telegram commands; move login/logout to providers login/logout (top-level aliases hidden); use daemon for service control, send/agent/wake for RPC, and nodes canvas for canvas ops.

Fixes

  • CLI/Gateway/Doctor: daemon runtime selection + improved logs/status/health/errors; auth/password handling for local CLI; richer close/timeout details; auto-migrate legacy config/sessions/state; integrity checks + repair prompts; --yes/--non-interactive; --deep gateway scans; better restart/service hints.
  • Agent loop + compaction: compaction/pruning tuning, overflow handling, safer bootstrap context, and per-provider threading/confirmations; opt-in tool-result pruning + compact tracking.
  • Sandbox + tools: per-agent sandbox overrides, workspaceAccess controls, session tool visibility, tool policy overrides, process isolation, and tool schema/timeout/reaction unification.
  • Providers (Telegram/WhatsApp/Discord/Slack/Signal/iMessage): retry/backoff, threading, reactions, media groups/attachments, mention gating, typing behavior, and error/log stability; long polling + forum topic isolation for Telegram.
  • Gateway/CLI UX: clawdbot logs, cron list colors/aliases, docs search, agents list/add/delete flows, status usage snapshots, runtime/auth source display, and /status/commands auth unification.
  • Control UI/Web: logs tab, focus mode polish, config form resilience, streaming stability, tool output caps, windowed chat history, and reconnect/password URL auth.
  • macOS/Android/TUI/Build: macOS gateway races, QR bundling, JSON5 config safety, Voice Wake hardening; Android EXIF rotation + APK naming/versioning; TUI key handling; tooling/bundling fixes.
  • Packaging/compat: npm dist folder coverage, Node 25 qrcode-terminal import fixes, Bun/Playwright/WebSocket patches, and Docker Bun install.
  • Docs: new FAQ/ClawdHub/config examples/showcase entries and clarified auth, sandbox, and systemd docs.

Maintenance

  • Skills additions (Himalaya email, CodexBar, 1Password).
  • Dependency refreshes (pi-* stack, Slack SDK, discord-api-types, file-type, zod, Biome, Vite).
  • Refactors: centralized group allowlist/mention policy; lint/import cleanup; switch tsx → bun for TS execution.

2026.1.5

Highlights

  • Models: add image-specific model config (agent.imageModel + fallbacks) and scan support.
  • Agent tools: new image tool routed to the image model (when configured).
  • Config: default model shorthands (opus, sonnet, gpt, gpt-mini, gemini, gemini-flash).
  • Docs: document built-in model shorthands + precedence (user config wins).
  • Bun: optional local install/build workflow without maintaining a Bun lockfile (see docs/bun.md).

Fixes

  • Control UI: render Markdown in tool result cards.
  • Control UI: prevent overlapping action buttons in Discord guild rules on narrow layouts.
  • Android: tapping the foreground service notification brings the app to the front. (#179) — thanks @Syhids
  • Cron tool uses id for update/remove/run/runs (aligns with gateway params). (#180) — thanks @adamgall
  • Control UI: chat view uses page scroll with sticky header/sidebar and fixed composer (no inner scroll frame).
  • macOS: treat location permission as always-only to avoid iOS-only enums. (#165) — thanks @Nachx639
  • macOS: make generated gateway protocol models Sendable for Swift 6 strict concurrency. (#195) — thanks @andranik-sahakyan
  • macOS: bundle QR code renderer modules so DMG gateway boot doesn't crash on missing qrcode-terminal vendor files.
  • macOS: parse JSON5 config safely to avoid wiping user settings when comments are present.
  • WhatsApp: suppress typing indicator during heartbeat background tasks. (#190) — thanks @mcinteerj
  • WhatsApp: mark offline history sync messages as read without auto-reply. (#193) — thanks @mcinteerj
  • Discord: avoid duplicate replies when a provider emits late streaming text_end events (OpenAI/GPT).
  • CLI: use tailnet IP for local gateway calls when bind is tailnet/auto (fixes #176).
  • Env: load global $CLAWDBOT_STATE_DIR/.env (~/.clawdbot/.env) as a fallback after CWD .env.
  • Env: optional login-shell env fallback (opt-in; imports expected keys without overriding existing env).
  • Agent tools: OpenAI-compatible tool JSON Schemas (fix browser, normalize union schemas).
  • Onboarding: when running from source, auto-build missing Control UI assets (bun run ui:build).
  • Discord/Slack: route reaction + system notifications to the correct session (no main-session bleed).
  • Agent tools: honor agent.tools allow/deny policy even when sandbox is off.
  • Discord: avoid duplicate replies when OpenAI emits repeated message_end events.
  • Commands: unify /status (inline) and command auth across providers; group bypass for authorized control commands; remove Discord /clawd slash handler.
  • CLI: run clawdbot agent via the Gateway by default; use --local to force embedded mode.
Reference in New Issue View Git Blame Copy Permalink